Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[#171800318] preValidate with acceptedClockSkewMs #29

Merged
merged 4 commits into from
Mar 17, 2020
Merged

[#171800318] preValidate with acceptedClockSkewMs #29

merged 4 commits into from
Mar 17, 2020

Conversation

BurnedMarshal
Copy link
Contributor

No description provided.

@codecov-io
Copy link

Codecov Report

Merging #29 into master will decrease coverage by 0.75%.
The diff coverage is 93.75%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #29      +/-   ##
==========================================
- Coverage   66.08%   65.32%   -0.76%     
==========================================
  Files          10       10              
  Lines         690      698       +8     
  Branches      104      103       -1     
==========================================
  Hits          456      456              
- Misses        233      241       +8     
  Partials        1        1
Impacted Files Coverage Δ
src/utils/saml.ts 54.89% <93.75%> (-1.16%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 10b37aa...d9f1d50. Read the comment docs.

gunzip
gunzip reviewed Mar 17, 2020
View reviewed changes
src/utils/__tests__/saml.test.ts Outdated Show resolved Hide resolved
src/utils/__tests__/saml.test.ts Outdated Show resolved Hide resolved
src/utils/saml.ts
@@ -554,7 +554,11 @@ const mainAttributeValidation = (
.chain(IssueInstant => utcStringToDate(IssueInstant, "IssueInstant"))
.chain(
fromPredicate(
_ => !hasStrictValidation || _.getTime() < Date.now(),
_ =>
_.getTime() <
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we move this computation at caller level (at the same level of hasStrictValidation) so we can reuse it seamlessy between inner methods ? ie.

const acceptedClockSkewMs = (samlConfig.acceptedClockSkewMs || 0) === -1
            ? Infinity
            : Date.now() + samlConfig.acceptedClockSkewMs);

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In two cases the value is Infinity (NotBefore and IssueInstant) and on another case is -Infinity (NotOnOrAfter). How we can handle these scenarios?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry I didn't see this, it's ok as is then

BurnedMarshal and others added 2 commits March 17, 2020 11:39
@BurnedMarshal @gunzip
Fix test name
3296d09 
Co-Authored-By: Danilo Spinelli <gunzip@users.noreply.github.com>
@BurnedMarshal @gunzip
Fix test name
1c41a90 
Co-Authored-By: Danilo Spinelli <gunzip@users.noreply.github.com>
@gunzip gunzip self-requested a review March 17, 2020 10:52
@gunzip gunzip merged commit c0b6f03 into master Mar 17, 2020
@gunzip gunzip deleted the 171800318-prevalidate-acceptedclockskewms branch March 17, 2020 10:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gunzip gunzip gunzip approved these changes

@cloudify cloudify Awaiting requested review from cloudify

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@BurnedMarshal @codecov-io @gunzip